diff options
| author | Damien Miller <djm@mindrot.org> | 2003-01-14 22:24:47 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2003-01-14 22:24:47 +1100 |
| commit | 5fa01fd7fba87bbd716b4ca32d4d7e2f7180975a (patch) | |
| tree | 68a78059ae0fb2036c739bcb0e479689e87a6532 | |
| parent | 7a992387cb9a14fbe9b1a1108bd41c8cb1ccd38a (diff) | |
- djm@cvs.openbsd.org 2003/01/14 10:58:00
[sftp-client.c sftp-int.c]
Don't try to upload or download non-regular files. Report from
apoloval@pantuflo.escet.urjc.es; ok markus@
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | sftp-client.c | 11 | ||||
| -rw-r--r-- | sftp-int.c | 24 |
3 files changed, 36 insertions, 5 deletions
@@ -14,6 +14,10 @@ [sftp-int.c] make cmds[] array static to avoid conflict with BSDI libc. mindrot bug #466. Fix from mdev@idg.nl; ok markus@ + - djm@cvs.openbsd.org 2003/01/14 10:58:00 + [sftp-client.c sftp-int.c] + Don't try to upload or download non-regular files. Report from + apoloval@pantuflo.escet.urjc.es; ok markus@ 20030113 - (djm) Rework openbsd-compat/setproctitle.c a bit: move emulation type @@ -1017,4 +1021,4 @@ save auth method before monitor_reset_key_state(); bugzilla bug #284; ok provos@ -$Id: ChangeLog,v 1.2571 2003/01/14 11:24:19 djm Exp $ +$Id: ChangeLog,v 1.2572 2003/01/14 11:24:47 djm Exp $ diff --git a/sftp-client.c b/sftp-client.c index 3fac22be..8c12dae1 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -28,7 +28,7 @@ /* XXX: copy between two remote sites */ #include "includes.h" -RCSID("$OpenBSD: sftp-client.c,v 1.40 2003/01/10 08:48:15 djm Exp $"); +RCSID("$OpenBSD: sftp-client.c,v 1.41 2003/01/14 10:58:00 djm Exp $"); #include "openbsd-compat/sys-queue.h" @@ -767,8 +767,8 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path, mode = 0666; if ((a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) && - (a->perm & S_IFDIR)) { - error("Cannot download a directory: %s", remote_path); + (!S_ISREG(a->perm))) { + error("Cannot download non-regular file: %s", remote_path); return(-1); } @@ -1002,6 +1002,11 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path, close(local_fd); return(-1); } + if (!S_ISREG(sb.st_mode)) { + error("%s is not a regular file", local_path); + close(local_fd); + return(-1); + } stat_to_attrib(&sb, &a); a.flags &= ~SSH2_FILEXFER_ATTR_SIZE; @@ -25,7 +25,7 @@ /* XXX: recursive operations */ #include "includes.h" -RCSID("$OpenBSD: sftp-int.c,v 1.54 2003/01/13 11:04:04 djm Exp $"); +RCSID("$OpenBSD: sftp-int.c,v 1.55 2003/01/14 10:58:00 djm Exp $"); #include "buffer.h" #include "xmalloc.h" @@ -381,6 +381,17 @@ is_dir(char *path) } static int +is_reg(char *path) +{ + struct stat sb; + + if (stat(path, &sb) == -1) + fatal("stat %s: %s", path, strerror(errno)); + + return(S_ISREG(sb.st_mode)); +} + +static int remote_is_dir(struct sftp_conn *conn, char *path) { Attrib *a; @@ -494,6 +505,12 @@ process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag) /* Only one match, dst may be file, directory or unspecified */ if (g.gl_pathv[0] && g.gl_matchc == 1) { + if (!is_reg(g.gl_pathv[i])) { + error("Can't upload %s: not a regular file", + g.gl_pathv[0]); + err = 1; + goto out; + } if (tmp_dst) { /* If directory specified, append filename */ if (remote_is_dir(conn, tmp_dst)) { @@ -525,6 +542,11 @@ process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag) } for (i = 0; g.gl_pathv[i]; i++) { + if (!is_reg(g.gl_pathv[i])) { + error("skipping non-regular file %s", + g.gl_pathv[i]); + continue; + } if (infer_path(g.gl_pathv[i], &tmp)) { err = -1; goto out; |